Secure Software Engineering Through Sensible AutoMation (SESAM)
Blekinge Institute of Technology, Faculty of Computing, Department of Software Engineering. ORCID iD: 0000-0002-0679-4361
2025 (English). In: International Symposium on Empirical Software Engineering and Measurement, IEEE Computer Society, 2025, p. 502-504. Conference paper, Published paper (Refereed)
Abstract [en]

Background: Security is incorporated late in the Software Development Life Cycle (SDLC), whereas early activities supporting developers in understanding and implementing security measures are difficult to integrate.

Aims: The project focuses on empowering developers with tools and practices to seamlessly integrate security and understand the role automation plays in it.

Method: During the project, we perform several industrial empirical studies, qualitative and quantitative, under the Design Science Research paradigm.

Results: Our studies supporting developers to secure their software supply chain show a positive stance despite low adoption of artifacts such as SBOM and VEX. Other efforts, embedding security in GUI-based testing, are showing promising results.

Conclusion: The project covers a broad spectrum of development activities that can be enhanced from a security perspective. Initial results show that despite developers' interest, adoption is limited. 

Place, publisher, year, edition, pages
IEEE Computer Society, 2025. p. 502-504
Series
International Symposium on Empirical Software Engineering and Measurement, ISSN 1949-3770, E-ISSN 1949-3789
Keywords [en]
code reviews, design science research, GUI testing, software security, technical debt, Computer aided design, Graphical user interfaces, Life cycle, Software design, Software testing, Code review, Design-science researches, Empirical studies, Secure software engineering, Security measure, Software development life-cycle, Technical debts, Tools and practices, Industrial research
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:bth-29291
DOI: 10.1109/ESEM64174.2025.00027
Scopus ID: 2-s2.0-105032664692
ISBN: 9798331591472 (print)
OAI: oai:DiVA.org:bth-29291
DiVA, id: diva2:2049111
Conference
2025 ACM/IEEE International Symposium on Empirical Software Engineering and Measurement, ESEM 2025, Honolulu, Oct 2-3, 2025
Available from: 2026-03-27. Created: 2026-03-27. Last updated: 2026-03-31. Bibliographically approved

Open Access in DiVA

fulltext (435 kB), 18 downloads
File information
File name: FULLTEXT01.pdf
File size: 435 kB
Checksum SHA-512:
f6bc094f633c329bd85d61afa33e1c8aa43fa9c98e08f33ae17570a53606c1b3c0d562e5f95d7808a3e33ffd660e3384953491ee030293a6147c547047d1b52d
Type: fulltext
Mimetype: application/pdf

Authority records

Fucci, Davide
